Initial Publication Date: 31 Oct 2016
Advisory Status: Closed
Advisory Severity: Medium
CVSS Base Score: 6.7
Legacy ID: SYM16-018
Symantec has released updates to address two security issues: a cross-site scripting (XSS) issue and a denial of service (DoS) issue reported in the Symantec IT Management Suite (ITMS) workflow process manager console.
Affected product: Symantec IT Management Suite Workflow Process Manager Console
Symantec was notified of a reflected cross-site scripting (XSS) issue found in the ITMS 8.0 workflow process manager console. This was due to the failure to properly filter user-supplied input during an HTTP request to the workflow process manager console.
XSS issues are the result of insufficient validation/sanitization of user input and server output. Successful exploitation of this type of issue is possible should a properly authenticated user click on a maliciously crafted link, or should an authenticated user with access to the management console submit a specifically formatted HTTP request. Depending on the nature of the link, it is possible for arbitrary HTML requests and scripts to be executed in the context of the user, potentially allowing unauthorized access to or modification of ITMS information.
If an external attacker wanted to take advantage of this issue, they would need to successfully entice an authorized console user to visit a malicious website or click a malicious HTML link in an email.
In a typical installation, the Symantec ITMS workflow process manager console should not be accessible outside of the network environment, and access should be restricted to specified users/administrators. Web browsers used by authorized users to manage the Symantec ITMS workflow process manager should never be used to browse external websites during an active administrative session. These restrictions greatly reduce exposure to external exploit attempts.
The ITMS workflow process manager console login window does not properly sanitize user input. An authorized network user with access to the workflow process manager console application could potentially input large quantities of data. This could cause reduced responsiveness in the workflow process manager console application’s functionality.
Credit: Marcin Zięba of Prevenity.com (CVE-2016-6588, CVE-2016-6589)